Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ADS errors and wierdness

Posted on 2011-09-16
2
Medium Priority
?
770 Views
Last Modified: 2012-05-12
I need help answering all these questions / warning / errors reported below
Thank you in advance

We have two separate forest.
(1) Forest named Domain.local
(2) Other forest named Resource.local
There is a one way trust for this domain

Domain.local
Domains trusted by this domain (outgoing trust)
      Blank
Domains that trust this domain (incoming trust)
      Resource.local

We are getting a lot of 40961 errors on member servers that are in the resource.local domain
The errors on the servers report that

The Security System could not establish a secured connection with the server LDAP/DC-A.domain.LOCAL/domain.LOCAL@domain.LOCAL. No authentication protocol was available.

When running best practice analyzer it reports

On resource.local domain

Error: The DC-Resource-C.resource.LOCAL DNS server is referencing the invalid 172.16.1.10 DNS server on the vmxnet3 Ethernet Adapter (MAC: 00:50:FS:B9:10:H0) network adapter.

Error: The DC-Resource-E.resource.LOCAL DNS server is referencing the invalid 172.16.1.10 DNS server on the Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) (MAC: 28:1B:hB:92:De:84) network adapter.


Error: Dynamic DNS registration is enabled on the vmxnet3 Ethernet Adapter (MAC: 00:50:FS:B9:10:H0)  external network adapter on DC-Resource-C.resource.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) (MAC: 28:1B:hB:92:De:84) external network adapter on the DC-Resource-E.resource.LOCAL server.

See also: KB 816592

Warning: The DC-Resource-C.resource.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-Resource-E.resource.LOCAL server is not connected to any of the specified subnets.


On domain.local domain

Error: A subnet was not defined in this wizard for the 172.16.4.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.5.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.6.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.7.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.8.0/24 subnet found in the Office Active Directory site.



The Start of Authority resource record could not be found for the resource.local zone on the DC-A.domain.LOCAL DNS server.

The Start of Authority resource record could not be found for the resource.local zone on the DC-B.domain.LOCAL DNS server.

The Start of Authority resource record could not be found for the resource.local zone on the DC-C.domain.LOCAL DNS server.

The Start of Authority resource record could not be found for the resource.local zone on the DC-D.domain.LOCAL DNS server.



Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-C.domain.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-D.domain.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-E.domain.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-F.domain.LOCAL server.


Warning: The DC-C.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-D.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-E.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-F.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-G.domain.LOCAL server is not connected to any of the specified subnets.




0
Comment
Question by:Indyrb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Accepted Solution

by:
Sajid Shaik M earned 2000 total points
ID: 36553308
this is the issue of DNS forwarders....

firstly create DNS forwarders in bothe servers as forwarders to each other.....


i.e rightclick DNS- Properties-forwarders-put the other server DNS- and finish....


in tcp ip properties put both DNS on each site primery and secondery....


ping both IP's and DNS...

then created trust relation ship....


all the best
0
 
LVL 5

Author Comment

by:Indyrb
ID: 36561619
So we have 6 ADS/DNS servers in each of the domains.
domain.local and resource.local

How should each server be forwarded in DNS

On each DNS server should it have itself as primary dns, then what as secondary dns
should others be added?

Should dynamic updates be enabled
Where is this configured?

What about use DNS suffix for this connection
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question